chore(deps): update dependency cilium/cilium to v1.14.4 #2079

renovate · 2023-11-02T09:10:50Z

cilium/cilium#27841 changed how the routing mode gets set for GKE, and
now it always gets set to "native". Use --datapath-mode flag to force
the tunnel mode for the external workload test since that's the only
configuration that's known to work ¹.

Fixes: #2070

Signed-off-by: renovate[bot] bot@renovateapp.com
Signed-off-by: Michi Mutsuzaki michi@isovalent.com

This PR contains the following updates:

Package	Update	Change
cilium/cilium	patch	`v1.14.2` -> `v1.14.4`

Release Notes

cilium/cilium (cilium/cilium)

`v1.14.4`: 1.14.4

Compare Source

We are pleased to release Cilium v1.14.4. This release includes several network policy performance improvements, improvements and fixes for IPSec, and numerous bug fixes and architectural improvements.

Summary of Changes

Minor Changes:

certmanager: solve CannotRegenerateKey (Backport PR #29030, Upstream PR #28787, @universam1)
Cilium DNS proxy now uses the original pod's address as the source address towards the DNS servers. (Backport PR #29086, Upstream PR #28928, @jrajahalme)
Cilium now properly deletes stale (deleted) nodes from the node_connectivity_status and node_connectivity_latency_seconds metrics, reducing metric cardinality. (Backport PR #28980, Upstream PR #28382, @derailed)
Display interfaces used for IPsec decryption in cilium encrypt status. (Backport PR #28759, Upstream PR #28640, @pchaigno)
helm: delete AWS iptables in all deployments aside from AWS CNI chaining environments (Backport PR #28870, Upstream PR #28697, @nebril)
ipsec: New Prometheus metrics for XFRM configs (Backport PR #28759, Upstream PR #28400, @pchaigno)
policy: Cilium will not process or enforce network policies with port ranges or Kubernetes network policies that use "EndPort". (Backport PR #29030, Upstream PR #28704, @nathanjsweet)
policy: Fixed a bug that incorrectly omitted port-protocol policy rules that omitted the "protocol" field. An omitted "protocol" field now, correctly, is the same as using the "ANY" protocol. (Backport PR #28759, Upstream PR #28703, @nathanjsweet)
v1.14: WG tunneling (#28917, @brb)

Bugfixes:

bpf: Add TC_ACT_REDIRECT check for nodeport (Backport PR #29030, Upstream PR #28927, @sayboras)
Don't bind a /64 address to cilium_host to avoid misrouting cross-node traffic (Backport PR #28759, Upstream PR #28633, @CallMeFoxie)
envoy: fix lb backend endpoint calculation (Backport PR #28870, Upstream PR #27923, @mhofstetter)
Fix CIDR labels computation (Backport PR #28870, Upstream PR #28788, @pippolo84)
Fix concurrency issue when changing labels on pods started before Cilium setup their network. Cilium will now process pod labels modified while setting up the pod network. (Backport PR #28870, Upstream PR #28789, @aanm)
Fix false positives of 'Key allocation attempt failed' in CRD mode (Backport PR #29064, Upstream PR #28810, @aanm)
Fix incorrect logic used by the Ingress Controller to sync Cilium's IngressClass on startup. (Backport PR #28870, Upstream PR #28663, @learnitall)
Fix IPsec error logs to always have all information needed to identify the XFRM configuration on which the error happened. (Backport PR #29030, Upstream PR #28642, @pchaigno)
Fix issue causing KVStoreMesh metrics to be included in the dedicated Service/ServiceMonitor when KVStoreMesh is disabled (Backport PR #28759, Upstream PR #28481, @giorio94)
fix: Correct spire labels identation in helm chart (Backport PR #28759, Upstream PR #28610, @sayboras)
fixed cilium-operator delete CEC cilium-ingress when other ingressclass resources are created (Backport PR #28759, Upstream PR #28638, @chaunceyjiang)
Improved event handling for pod events by removing an unnecessary early return, allowing unrelated components to execute correctly, while enhancing ipcache error logging. (Backport PR #29030, Upstream PR #28840, @aanm)
ingress: cleanup resources on changed ingress class field (Backport PR #29030, Upstream PR #28886, @mhofstetter)
Print full labelset for all identities in 'cilium ip list' output (Backport PR #28759, Upstream PR #28425, @joestringer)
Remove AWS-CONNMARK-CHAIN iptable rules when running in ENI mode. (Backport PR #28759, Upstream PR #28676, @nebril)
spire: add scheduling configurations to helm-chart (Backport PR #28759, Upstream PR #27229, @tvonhacht-apple)
When the CT entry for a DSR connection is garbage-collected, the corresponding SNAT entry is now also removed. (Backport PR #28870, Upstream PR #28857, @julianwiedmann)

CI Changes:

[v1.14] Use pull_request_target in Update Backport Label workflow (#29009, @pippolo84)
ci: disable envoy tracing in multi-pool workflow (Backport PR #29030, Upstream PR #28966, @tklauser)
gh/workflows: Dump Cilium LB node logs in case of failure (Backport PR #29030, Upstream PR #28808, @brb)
Test both VXLAN and GENEVE tunneling as part of the Conformance Cluster Mesh workflow (Backport PR #28870, Upstream PR #28767, @giorio94)

Misc Changes:

bpf: lb: fix missing drop reason in reverse_map_l4_port() (Backport PR #29030, Upstream PR #28884, @julianwiedmann)
bpf: lxc: remove stale ENABLE_IDENTITY_MARK ifdefs (Backport PR #28759, Upstream PR #28391, @julianwiedmann)
bugtool: Collect XFRM error counters twice (Backport PR #28870, Upstream PR #28790, @pchaigno)
chore(deps): update all github action dependencies (v1.14) (minor) (#29010, @renovate[bot])
chore(deps): update all github action dependencies (v1.14) (patch) (#28733, @renovate[bot])
chore(deps): update all lvh-images main (v1.14) (patch) (#28734, @renovate[bot])
chore(deps): update all lvh-images main (v1.14) (patch) (#28867, @renovate[bot])
chore(deps): update dependency cilium/cilium-cli to v0.15.11 (v1.14) (#28735, @renovate[bot])
chore(deps): update dependency cilium/cilium-cli to v0.15.12 (v1.14) (#28998, @renovate[bot])
chore(deps): update docker.io/library/alpine docker tag to v3.18.4 (v1.14) (#28739, @renovate[bot])
chore(deps): update gcr.io/distroless/static-debian11:nonroot docker digest to 91ca472 (v1.14) (#28731, @renovate[bot])
chore(deps): update go to v1.20.11 (v1.14) (patch) (#29044, @renovate[bot])
chore(deps): update quay.io/lvh-images/kind docker tag to bpf-next-20231106.012832 (v1.14) (#28999, @renovate[bot])
ci: Bump timeout on ci-runtime privileged worksflow (Backport PR #29030, Upstream PR #28923, @jrajahalme)
datapath: Move linuxNodeHandler IPsec functions to their own file (Backport PR #29030, Upstream PR #28941, @pchaigno)
doc: Add roadmap for mutual authentication (Backport PR #29030, Upstream PR #29006, @tgraf)
docs: Clarify BPF Map Pressure Metric (Backport PR #28759, Upstream PR #28682, @nathanjsweet)
docs: Update IPsec key rotation command (Backport PR #28759, Upstream PR #28141, @jschwinger233)
go.mod, vendor: use github.com/cilium/dns fork directly (Backport PR #29086, Upstream PR #27582, @tklauser)
Improve deletion of stale backends associated with non-global services, without waiting for full Cluster Mesh synchronization (Backport PR #29030, Upstream PR #28745, @giorio94)
ipsec: Improve encrypt flush command (Backport PR #29030, Upstream PR #28795, @pchaigno)
ipsec: Remove dead code for IPsec node encryption (Backport PR #29030, Upstream PR #28898, @pchaigno)
labels/cidr: Memoize labels for already seen prefixes (Backport PR #28870, Upstream PR #28465, @pippolo84)
labels/cidr: On the fly char replacement for IPv6 (Backport PR #29021, Upstream PR #28647, @pippolo84)
labels: Use slices.Sort instead of sort.Strings (Backport PR #29021, Upstream PR #28649, @pippolo84)
pkg/allocator: store key in variable for error message (Backport PR #29064, Upstream PR #29076, @aanm)
Update the clustermesh troubleshooting guide (Backport PR #28759, Upstream PR #26798, @giorio94)

Other Changes:

[1.14 Backport] ci: use renovate to upgrade Helm in ginkgo tests (#28940, @nebril)
[v1.14] Always migrate cilium_calls_* during ELF load (#28830, @ti-mo)
[v1.14] envoy: Bump version to v1.26.6 (#28853, @sayboras)
ci-e2e: Enable WG encapsulation tests (#28997, @brb)
install: Update image digests for v1.14.3 (#28683, @jrajahalme)

`v1.14.3`: 1.14.3

Compare Source

We are pleased to release Cilium v1.14.3. This is bug fix release addressing the recent HTTP/2 Stream Cancellation Attack (CVE-2023-44487) and other bugs:

Envoy GHSA-jhv4-f7mr-xx76
Go GHSA-qppj-fm5r-hxr3

Summary of Changes

Minor Changes:

bump grpc dependency to 1.56.3 to fix security vulnerability GHSA-qppj-fm5r-hxr3 (#28527, @aanm)
Cut Cilium's initialization time for clusters with a large number of Kubernetes and Cilium Network Policies by 90% (Backport PR #28282, Upstream PR #28173, @aanm)
endpoint: Only perform the full policy map synchronization periodically (every 15 minutes) to reduce overhead with large endpoint policy maps (Backport PR #28095, Upstream PR #27693, @joamaki)
ipam: report IP owner of non-default pool IPs in multi-pool IPAM (Backport PR #28095, Upstream PR #27968, @tklauser)
metrics: add a metric for max observed endpoint ifindex (Backport PR #28282, Upstream PR #27953, @asauber)
metrics: Add map pressure metric for auth map (Backport PR #28442, Upstream PR #28357, @sayboras)
vendor, azure: Bump Azure SDK to Aug 2021 (Backport PR #28330, Upstream PR #28311, @christarazi)

Bugfixes:

bpf: lxc: support Pod->Service->Pod hairpinning with endpoint routes (Backport PR #28123, Upstream PR #27798, @ti-mo)
bpf: overlay: fix missing DBG_DECAP for Inter-Cluster-SNAT (Backport PR #28494, Upstream PR #28466, @julianwiedmann)
Change routing-mode and tunnel-protocol based on .Values.tunnel and .Values.routingMode (Backport PR #28282, Upstream PR #27841, @macmiranda)
datapath: fix NodePort to remote hostns backend with tunnel config (Backport PR #28494, Upstream PR #27323, @michaelasp)
envoy: Sync supported resources to fix not found issue (Backport PR #28349, Upstream PR #28272, @sayboras)
Fix a bug that causes pod-to-pod traffic between nodes to be dropped when IPsec is enabled and kube-proxy installed rules in both iptables-nft and iptables-legacy. (Backport PR #28442, Upstream PR #28258, @pchaigno)
fix bug: pull skb data in cil_from_netdev path for HIGH_SCALE_IPCACHE mode (Backport PR #28095, Upstream PR #27913, @sofat1989)
Fix Gateway API HttpRoute cannot strip path prefix. (Backport PR #28282, Upstream PR #28018, @chaunceyjiang)
Fix hubble metric labeling when only directed Source/Destination Ingress/Egress options are specified. (Backport PR #28095, Upstream PR #27792, @marqc)
Fix minor bug where the previous Cilium proxy port was not reused (Backport PR #28127, Upstream PR #27634, @christarazi)
Fix the trace notification for hairpinned reply traffic, to indicate the correct security identity for the client. (Backport PR #28282, Upstream PR #28133, @julianwiedmann)
Fix wrong host and router IP being used for some IPv6 deployments, which was causing various connectivity problems. (Backport PR #28435, Upstream PR #28417, @ti-mo)
Fix: Gateway API double slash while stripping path prefix (Backport PR #28442, Upstream PR #28294, @nxy7)
Fixes a bug causing panic when counting IPsec keys number via "cilium encrypt status". (Backport PR #28282, Upstream PR #27996, @jschwinger233)
fqdn proxy: fix data race by using separate sessionUDPFactories (Backport PR #28282, Upstream PR #28163, @mhofstetter)
ipam/multipool: Fix bug where allocator was unable to update CiliumNode (Backport PR #28095, Upstream PR #27963, @gandro)
ipcache: fix flapping labels in SelectorCache when reserved:host identity has multiple IPs (Backport PR #28418, Upstream PR #28332, @squeed)
Must have port for Service reference (Backport PR #28282, Upstream PR #27959, @chaunceyjiang)
pkg/k8s: use a deep copy of CNP in UpdateStatus to avoid race condition (Backport PR #28494, Upstream PR #28364, @aanm)
pkg/node: Updates GetIPv6AllocCIDRs() to Properly Return Secondary CIDRs (Backport PR #28095, Upstream PR #27855, @danehans)
resource: Fix race condition in handling of Kubernetes object delete event retrying. In the very rare case when an object was created, deleted and re-created with the same name and the handling of the first deletion failed, the handling of delete event may have been retried even though the object was re-created. Only affected features using the Resource-library (LB IPAM, Mutual Auth and ClusterMesh). (Backport PR #28494, Upstream PR #27340, @joamaki)
Restore host-stack bypass for pod-to-pod traffic in a configuration with kube-proxy, tunnel routing and per-endpoint routes. (Backport PR #28095, Upstream PR #27908, @julianwiedmann)

CI Changes:

[v1.14] ci: Add a call to the update label backport action (#27876, @pippolo84)
[v1.14] GHA: Add clustermesh upgrade and downgrade tests (#28355, @giorio94)
ci-ipsec-upgrade: Enable IPv6 (Backport PR #28095, Upstream PR #27220, @brb)
CI: Add conn-disrupt-test action for reuse (Backport PR #28282, Upstream PR #27567, @jschwinger233)
CI: Add IPsec key rotation test (Backport PR #28105, Upstream PR #27203, @jschwinger233)
CI: Move IPsec CI jobs into separate pipelines (Backport PR #28105, Upstream PR #26730, @jschwinger233)
ci: Run BPF lints on workflow definition changes (Backport PR #28282, Upstream PR #28122, @qmonnet)
ci: update k8s versions support for v1.14 (#28248, @nbusseneau)
Do not hardcode the AWS VPC CNI plugin version in the conformance-aws-cni GHA workflow (Backport PR #28442, Upstream PR #28392, @giorio94)
ginkgo: Remove K8sDatapathCustomCalls (Backport PR #28095, Upstream PR #27911, @brb)
Refactor CiliumExecContext() Retry Logic (Backport PR #28282, Upstream PR #28131, @carnerito)
workflows/ipsec: Add missing --flush-ct for key rotation (Backport PR #28105, Upstream PR #27883, @pchaigno)

Misc Changes:

[Docs] Clarify ClusterMesh troubleshooting steps when KVStoreMesh is enabled (Backport PR #28282, Upstream PR #27691, @weizhoublue)
Add option conntrackGCMaxInterval to allow limiting the maximum connection tracking GC interval. By default the automatic interval calculation may increase the interval up to 12 hours, which may incur an unreasonable delay to releasing of CIDR identities created from ToFQDN policies. Setting this option will limit the interval and ensure such identities are marked unused earlier and removed. (Backport PR #28282, Upstream PR #27870, @joamaki)
bugtool: various updates to BPF map dump (Backport PR #28282, Upstream PR #28065, @julianwiedmann)
bump k8s dependencies to 1.27.6 (#28560, @aanm)
chore(deps): update actions/checkout action to v4 (v1.14) (#27944, @renovate[bot])
chore(deps): update all github action dependencies (v1.14) (minor) (#27776, @renovate[bot])
chore(deps): update all github action dependencies (v1.14) (patch) (#28078, @renovate[bot])
chore(deps): update all github action dependencies (v1.14) (patch) (#28209, @renovate[bot])
chore(deps): update all github action dependencies to v3 (v1.14) (major) (#28101, @renovate[bot])
chore(deps): update all lvh-images main (v1.14) (patch) (#27942, @renovate[bot])
chore(deps): update all lvh-images main (v1.14) (patch) (#28210, @renovate[bot])
chore(deps): update aws-actions/configure-aws-credentials action to v4 (v1.14) (#28102, @renovate[bot])
chore(deps): update cilium/cilium digest to 6c12a0f (v1.14) (#28075, @renovate[bot])
chore(deps): update cilium/cilium digest to 8b7844d (v1.14) (#28196, @renovate[bot])
chore(deps): update dependency cilium/cilium-cli to v0.15.8 (v1.14) (#28211, @renovate[bot])
chore(deps): update dependency cilium/hubble to v0.12.1 (v1.14) (#28521, @renovate[bot])
chore(deps): update dependency cilium/hubble to v0.12.2 (v1.14) (#28566, @renovate[bot])
chore(deps): update docker.io/library/golang:1.20.10 docker digest to 098d628 (v1.14) (#28623, @renovate[bot])
chore(deps): update docker.io/library/golang:1.20.8 docker digest to 6e1a67e (v1.14) (#28197, @renovate[bot])
chore(deps): update docker.io/library/ubuntu:22.04 docker digest to 2b7412e (v1.14) (#28630, @renovate[bot])
chore(deps): update docker.io/library/ubuntu:22.04 docker digest to 990350f (v1.14) (#28579, @renovate[bot])
chore(deps): update docker.io/library/ubuntu:22.04 docker digest to 9b8dec3 (v1.14) (#28384, @renovate[bot])
chore(deps): update docker.io/library/ubuntu:22.04 docker digest to aabed32 (v1.14) (#28076, @renovate[bot])
chore(deps): update docker/build-push-action action to v5 (v1.14) (#28093, @renovate[bot])
chore(deps): update gcr.io/distroless/static-debian11:nonroot docker digest to 92d40ee (v1.14) (#27941, @renovate[bot])
chore(deps): update go to v1.20.10 (v1.14) (patch) (#28515, @renovate[bot])
chore(deps): update myrotvorets/set-commit-status-action action to v2 (v1.14) (#28082, @renovate[bot])
chore(deps): update quay.io/cilium/hubble docker tag to v0.12.1 (v1.14) (#28538, @renovate[bot])
chore(deps): update quay.io/cilium/hubble docker tag to v0.12.2 (v1.14) (#28569, @renovate[bot])
chore(deps): update sigstore/cosign-installer action to v3.1.2 (v1.14) (#27943, @renovate[bot])
ci: fix AWS EKS K8s versions comment (Backport PR #28282, Upstream PR #28249, @nbusseneau)
docs: Add instructions for running LVH against custom kernel (Backport PR #28349, Upstream PR #28305, @brb)
docs: Add Makefile and documentation for "fast" development targets (Backport PR #28095, Upstream PR #27931, @aanm)
docs: Add more details for the Cluster Mesh key rotation (Backport PR #28282, Upstream PR #28145, @margamanterola)
docs: egressgw: document incompatibility with Clustermesh (Backport PR #28095, Upstream PR #27918, @julianwiedmann)
docs: Makefile, check-build.sh clean-ups and perf improvements (Backport PR #28282, Upstream PR #28161, @qmonnet)
docs: Mention RouteTableInterfacesOffset in system requirements (Backport PR #28442, Upstream PR #28358, @gandro)
docs: rephrasing the hubble intro doc (Backport PR #28095, Upstream PR #27712, @vipul-21)
docs: Update Sphinx and its dependencies, Cilium theme (Backport PR #28282, Upstream PR #28172, @qmonnet)
endpoint: Fix use of PolicyMapFullReconciliationInterval option (Backport PR #28095, Upstream PR #27985, @joamaki)
Fix bug when reusing the same cell in multiple hives (Backport PR #28282, Upstream PR #27873, @giorio94)
Fix potential nil pointer dereference in SelectorManager implementation (Backport PR #28095, Upstream PR #27805, @learnitall)
fix(deps): update module golang.org/x/net to v0.17.0 [security] (#28550, @aanm)
fqdn proxy: fix data race detection on TCP fqdn proxy (Backport PR #28282, Upstream PR #28219, @mhofstetter)
Helm: Improved description for tunnel, tunnelProtocol, routingMode flags (Backport PR #28349, Upstream PR #27926, @PhilipSchmid)
hubble: Use protobuf GetType() helper in v1.FlowProtocol() to avoid possible panic (Backport PR #28095, Upstream PR #27889, @chancez)
install/kubernetes: add the cilium/values.yaml target to .PHONY (Backport PR #28282, Upstream PR #28225, @nbusseneau)
ipsec: Atomically upgrade XFRM states with new output-mark (Backport PR #28563, Upstream PR #28485, @pchaigno)
Make tolerations configurable in clustermesh-apiserver certgen job (Backport PR #28282, Upstream PR #28221, @giorio94)
Makefile: fix 'fast' make targets (Backport PR #28442, Upstream PR #28380, @aanm)
policy: Move getNets to selector cache (Backport PR #28670, Upstream PR #27670, @jrajahalme)
Update docs theme (Backport PR #28442, Upstream PR #28403, @raphink)
Update Hubble UI from v0.12.0 to v0.12.1 (#28535, @rolinh)

Other Changes:

envoy: Bump envoy version to v1.25.10 (#28506, @sayboras)
Fix possible cross-cluster connection drops on agents restart when clustermesh is enabled (#27611, @giorio94)
v1.14: avoid relying on golang.org/exp/slices.SortFunc (#28473, @rolinh)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

https://docs.cilium.io/en/latest/network/external-workloads/ ↩

michi-covalent · 2023-11-02T13:57:01Z

converting to draft, we need to fix #2070 first.

cilium/cilium#27841 changed how the routing mode gets set for GKE, and now it always gets set to "native". Use --datapath-mode flag to force the tunnel mode for the external workload test since that's the only configuration that's known to work [^1]. Fixes: #2070 [^1]: https://docs.cilium.io/en/latest/network/external-workloads/ Signed-off-by: renovate[bot] <bot@renovateapp.com> Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>

michi-covalent · 2023-11-18T22:49:14Z

✅ successful run: https://github.com/cilium/cilium-cli/actions/runs/6912664044/job/18808649218?pr=2079 removing the temporary commit and marking it ready for review.

sayboras

LGTM ✔️

renovate bot requested review from a team as code owners November 2, 2023 09:10

renovate bot added kind/enhancement This would improve or streamline existing functionality. priority/release-blocker This issue will prevent the release of the next version of Cilium. renovate/stop-updating Tell Renovate to stop updating PR labels Nov 2, 2023

renovate bot requested review from nbusseneau and derailed November 2, 2023 09:10

renovate bot temporarily deployed to ci November 2, 2023 09:10 Inactive

michi-covalent self-assigned this Nov 2, 2023

michi-covalent added the dont-merge/michi-is-looking-into-this label Nov 2, 2023

michi-covalent marked this pull request as draft November 2, 2023 13:57

michi-covalent removed request for derailed and nbusseneau November 2, 2023 13:57

tklauser removed the priority/release-blocker This issue will prevent the release of the next version of Cilium. label Nov 16, 2023

renovate bot force-pushed the renovate/patch-cilium branch from b3b6763 to 4cdd87b Compare November 17, 2023 10:27

renovate bot changed the title ~~chore(deps): update dependency cilium/cilium to v1.14.3~~ chore(deps): update dependency cilium/cilium to v1.14.4 Nov 17, 2023

renovate bot temporarily deployed to ci November 17, 2023 10:27 Inactive

michi-covalent force-pushed the renovate/patch-cilium branch from 4cdd87b to 064f471 Compare November 18, 2023 03:08

michi-covalent temporarily deployed to ci November 18, 2023 03:08 — with GitHub Actions Inactive

michi-covalent force-pushed the renovate/patch-cilium branch from 064f471 to 4afa59d Compare November 18, 2023 03:42

michi-covalent temporarily deployed to ci November 18, 2023 03:42 — with GitHub Actions Inactive

michi-covalent force-pushed the renovate/patch-cilium branch from 4afa59d to 35708ae Compare November 18, 2023 07:44

michi-covalent temporarily deployed to ci November 18, 2023 07:44 — with GitHub Actions Inactive

michi-covalent force-pushed the renovate/patch-cilium branch from 35708ae to 7cb6425 Compare November 18, 2023 22:49

michi-covalent temporarily deployed to ci November 18, 2023 22:49 — with GitHub Actions Inactive

michi-covalent removed the dont-merge/michi-is-looking-into-this label Nov 18, 2023

michi-covalent marked this pull request as ready for review November 18, 2023 23:42

michi-covalent approved these changes Nov 19, 2023

View reviewed changes

sayboras approved these changes Nov 19, 2023

View reviewed changes

brlbil approved these changes Nov 20, 2023

View reviewed changes

michi-covalent merged commit ce305f7 into main Nov 20, 2023
17 of 19 checks passed

michi-covalent deleted the renovate/patch-cilium branch November 20, 2023 14:06

michi-covalent mentioned this pull request Nov 20, 2023

Change routing-mode and tunnel-protocol based on .Values.tunnel and .Values.routingMode cilium/cilium#27841

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency cilium/cilium to v1.14.4 #2079

chore(deps): update dependency cilium/cilium to v1.14.4 #2079

renovate bot commented Nov 2, 2023 •

edited by michi-covalent

michi-covalent commented Nov 2, 2023

michi-covalent commented Nov 18, 2023

sayboras left a comment

chore(deps): update dependency cilium/cilium to v1.14.4 #2079

chore(deps): update dependency cilium/cilium to v1.14.4 #2079

Conversation

renovate bot commented Nov 2, 2023 • edited by michi-covalent

Release Notes

v1.14.4: 1.14.4

Summary of Changes

v1.14.3: 1.14.3

Summary of Changes

Configuration

Footnotes

michi-covalent commented Nov 2, 2023

michi-covalent commented Nov 18, 2023

sayboras left a comment

Choose a reason for hiding this comment

renovate bot commented Nov 2, 2023 •

edited by michi-covalent

`v1.14.4`: 1.14.4

`v1.14.3`: 1.14.3